Kurt Cagle argues (and I tend to agree) that the current fashion for AJAX is likely to result in a lot of nasty, unmaintainable code that probably will be full of security holes as well. He thinks that everyone should be thinking in terms of XForms instead: Why XForms Matter, Revisited – O’Reilly XML Blog

But the only implementation that he mentions is the experimental one for FireFox. Clearly we will need more than that. See his comments for some other alternatives.